Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Resolved! DNAT not working

 

This is my topology. From 30.0.0.10 i would like to access the server 192.168.0.2 with the help of PA wan interface IP(30.0.0.1)
I have created DNAT and Security policy .

 

 

 

 

Object Prenat IP is 30.0.0.1/8 and Webserver Ip is 192.168.0.2/24,

...

ArunKumar7_0-1707445707080.png
ArunKumar7_1-1707445706922.png
ArunKumar7_2-1707445707089.png

XXF and building Security Policy

Hi all, 

 

I would like to know how I would go about creating security policies based of the XFF headers please, any help would be appreciated.  

 

I have read the documentation and I have to enable the XFF header 

 

  • Select ->Device ->Setup ->Conten
...

sxk654 by L0 Member
  • 1958 Views
  • 3 replies
  • 0 Likes

SSL and TLS vulnerabilities

Hi Team,

We have to 2 Paloalto VM firewall running active-passive mode in AWS.

As a part of internal Pentest we go the below findings for the Active and passive firewall nodes. The result refers to SSL and TLS vulnerabilities.

Could you please suggest o

...

Senibo by L1 Bithead
  • 1129 Views
  • 3 replies
  • 0 Likes

Resolved! Custom URL category with directories

Hi guys,

I am trying to create a custom url category to allow only these (s3.amazonaws.com/icount-pdfs

example:

https://s3.amazonaws.com/icount-pdfs/57764_25566fbb6fd6bbab6b0f35eba91bb55e.pdf?17016197031

 

i have tried:  

s3.amazonaws.com/icount-pdf

...

chens by L2 Linker
  • 2117 Views
  • 3 replies
  • 0 Likes

Resolved! Including CVE in Threat Logs

For as long as the Palo Threat feature has been around, I can't believe this feature doesn't already exist.

 

Would it be possible for Palo to include the associated CVE as a field next to the ThreatID?  These mapps occur outside of the Firewall as p

...

  • 1205 Posts
  • 45 Subscriptions